package org.firebug.spring.cloud.resource.controller;

import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/res")
public class ResController {

    @RequestMapping("/h1")
    public String h1() {
        return "h1, 你好";
    }

    @RequestMapping("/h2")
    @PostAuthorize("returnObject.type == authentication.name")
    public String h2() {
        return "h2, 你好";
    }

    @RequestMapping("/h3")
    @PreAuthorize("hasAuthority('USER') OR hasRole('USER') OR hasRole('ROLE_USER')")
    public String h3() {
        return "h3, 你好";
    }
}
